Z

[Previous] [Next]

ZAK

See

Zero Administration Kit (ZAK)

Zero Administration Kit (ZAK)

A collection of tools, methodologies, and guidelines for Microsoft Windows NT Workstation 4 that network administrators can use to implement policy-based management of Windows NT–based networks. You can use the Zero Administration Kit (ZAK) to

How It Works

The Zero Administration Kit uses the security of the NTFS file system along with system policies and user profiles. You can use the predefined set of system policies to override the local default settings, and you can use standard user profiles to configure and manage users’ desktops from a central location. The Zero Administration Kit includes the two following preconfigured modes of operation. (Advanced administrators can create other custom network configurations.)

TIP


Microsoft TechNet includes a self-paced Hypertext Markup Language (HTML) course called “Implementing the MS Zero Administration Kit for Windows NT Workstation 4.0” (course 979), which is a great resource for learning about how to implement and deploy the Zero Administration Kit.

On the Web

Zero Administration Kit home page : http://www.microsoft.com/windows/zak

zone

Also called a zone of authority, a subset of the Domain Name System (DNS) namespace that is managed by a name server. This administrative unit can consist of a single domain, or it can be a domain combined with a number of subdomains. The concepts of a zone and a DNS domain are related: each zone is anchored in a specific domain known as the zone’s root domain.

How It Works

The name server must have a zone file, which contains the mappings between IP addresses and host names for the zone. A name server can manage one or more zones, depending on how it is configured. For example, a name server might have one zone for the domain microsoft.com and another zone for the domain adventure.expedia.com. Depending on how the zone file is configured, a name server might be responsible for

Typically, at least two name servers are responsible for a given zone—a primary name server, which manages the actual zone file, and one or more secondary name servers for redundancy. The primary name server manages a standard primary zone, which is represented by a text file called a zone file. (You can modify this file by using a text editor such as Notepad or by using the Microsoft Windows NT administrative tool called DNS Manager.) Each secondary name server manages a standard secondary zone, which is represented by a read-only zone file that you obtain by copying the primary zone file from the primary name server via a process called zone transfer.

graphic z-1. zones and domains in dns.

Graphic Z-1. Zones and domains in DNS.

NOTE


In Microsoft Windows 2000–based networks, a zone can take yet a third form, called an Active Directory integrated zone. In this type of zone, the zone information is stored and integrated into Active Directory of Windows 2000 for security purposes and is replicated by using the standard directory replication method used by Windows 2000 domain controllers. DNS in Windows 2000 supports dynamic update to ease the administrative burden of manually maintaining zone files.

See also Domain Name System (DNS)

zone file

A file on a name server that contains information that defines the zone that the name server manages. The zone file is a text file consisting of a series of resource records that form the Domain Name System (DNS) database of the name server. These records identify which name server is responsible for a given zone, timing parameters for zone transfers between name servers, IP address to host name mappings for hosts within the domains over which the zone file is authoritative, and so on.

A typical zone file might look something like this:

 ; Database file microsoft.com.dns for microsoft.com. zone. @             IN    SOA    dns1.microsoft.com.  admin.microsoft.com.(               12    ; serial number               3600    ; refresh               600    ; retry               86400    ; expire               3600    ) ; minimum TTL ; Zone NS records @              IN    NS    dns1 @              IN    NS    dns2 ; Zone A records dns1        IN    A    192.250.100.10 dns2        IN    A    192.250.100.11 proxy1        IN    A    192.250.100.101 fred        IN    A    192.250.100.102 wilma        IN    A    192.250.100.103 localhost    IN     A    127.0.0.1 www             IN    CNAME    fred ftp             IN    CNAME    wilma 

NOTE


On Microsoft Windows NT–based and Windows 2000–based servers running the DNS Server services (and hence configured to operate as name servers for the network), the names of the zone files are similar to the names of the domains over which they have authority, but they have the .dns extension appended to them. For example, the zone file for the domain microsoft.com would be microsoft.com.dns and would be located in the directory \%SystemRoot%\System32\Dns.

A typical DNS server has at least three zone files:

 

TIP


Windows 2000 gives you the option of integrating DNS with Active Directory. This results in zone data being stored in Active Directory, which has advantages over traditional implementations of DNS in which zone data is stored in text files:

You should generally use the Windows NT administrative tool called DNS Manager to make changes to zone files on a DNS server running on Windows NT rather than modify these files directly by using a text editor such as Notepad. This will prevent errors from finding their way into the DNS database. Similarly, use the DNS console in Windows 2000 to administer the zone files instead of editing them directly.

See also Domain Name System (DNS), resource record

zone of authority

See zone

zone transfer

The process of transferring information in the zone file on a primary name server to a secondary name server. You would do this in the following situations:

How It Works

In Microsoft’s implementation of DNS on Microsoft Windows NT, zone transfers occur in three circumstances:

A zone transfer is always initiated by the secondary name server. Typically, the secondary name server periodically contacts the primary name server to determine whether any changes have been made to the primary name server’s zone file. If so, it initiates a request for zone transfer. Specifically, when the refresh interval expires on the secondary name server, the following occurs:

  1. The secondary name server requests and receives the SOA record from the primary name server.

  2. The secondary name server compares the version number in the primary name server’s SOA record with its own current version number. If they differ, the secondary name server requests a zone transfer from the primary name server.

  3. In standard DNS operation, the entire zone file is transferred during this process.

    graphic z-2. zone transfer in standard dns on windows nt.

    Graphic Z-2. Zone transfer in standard DNS on Windows NT.

NOTE


The dynamic update standard supported by Microsoft Windows 2000 allows zone information to be transferred by using updates. The entire contents of the zone file are not sent when a change is made to a resource record in the file. This method is called incremental zone transfer and is defined in Request for Comments (RFC) 1995.

See also Domain Name System (DNS), zone


Microsoft Encyclopedia of Networking
Microsoft Encyclopedia of Networking
ISBN: 0735613788
EAN: 2147483647
Year: 2000
Pages: 37
Authors: Mitch Tulloch, Ingrid Tulloch
BUY ON AMAZON

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net